Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 04.10.2018
Uruchomiony przez Mateusz (05-10-2018 22:38:53) Run:1
Uruchomiony z C:\Users\Mateusz\Desktop
Załadowane profile: Mateusz (Dostępne profile: Mateusz)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
Task: {3992E701-46A6-402D-8130-DB9FF4050A42} - System32\Tasks\{884B191B-9274-E0A0-3871-AD485E14B644} => C:\Program Files (x86)\Common Files\oMEEyIhiYGMHv.exe [2018-04-12] (Microsoft Corporation)
Task: {7BF78027-961D-41B3-B112-7E18D4C1F8A6} - System32\Tasks\{52080048-884A-6E23-A9A3-1DD1C0CA9A6A} => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://fpagesnews.com/cl/?guid=e6xfh023w192kreo5df5v1h1gv2jrdhv&prid=1&pid=4_1324_0
S3 mracsvc; C:\Windows\System32\mracsvc.exe [5444824 2017-10-12] (LLC Mail.Ru)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [4933888 2017-10-12] (LLC Mail.Ru)
C:\WINDOWS\System32\drivers\mracdrv.sys
C:\Windows\System32\mracsvc.exe
C:\Users\Mateusz\AppData\Local\CyBPc.exe
C:\Program Files (x86)\Common Files\o﻿MEEyIhiYGMHv.exe
C:\Users\Mateusz\AppData\Local\imw.ini
C:\Users\Mateusz\AppData\Roaming\iSyuaFi.exe
FirewallRules: [{3C55A98C-C38E-4482-A1A4-DEC027235489}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe
FirewallRules: [{A9631ADB-6B41-4B46-83A9-5D6FF7791318}] => (Allow) C:\Users\Mateusz\AppData\Local\CyBPc.exe
FirewallRules: [{7E051087-4FBA-4BB8-B152-EE29471EF55A}] => (Allow) C:\Program Files (x86)\Common Files\oMEEyIhiYGMHv.exe
FirewallRules: [{EAC3A1F1-82DD-49EA-B8F7-9D66539226E5}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{E661A12E-FA7F-4C03-A800-CBE6E9CC406F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{A1539356-A8DA-4400-AFF5-D1D8DE244B69}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{E85D05CC-A84C-4C7E-AFBF-398966ED1CBC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{E1D45733-2909-4B5D-8AAD-A9FABF9C3E6C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{DAFCB39F-30FD-4895-A46F-9C2E4CC1EA81}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{BC44CFED-7D43-472D-A5BF-D0B0FF5240BC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{AF294C66-56C2-4614-B378-2D0684DF75EC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{2C9DBA85-14D6-4468-8D7C-EF38E8FF141F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{9A504F18-DBCD-41D5-8BFB-39CCE6B8A1C1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{6ECC61E4-0498-4CCE-9DCD-F598A3DBE78D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{4E82C839-10DB-4D06-B2B6-494B89DC878C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{255926EE-BD54-46DB-AACF-6251A7E87896}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{E27A0108-5C7E-45C6-A090-FFFBBAC5DBA3}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{2D431390-8D2A-40E3-97BB-0E899C81E8F7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{B929EED5-A07E-4412-95BD-8C394BC4C09B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{5641C0D3-92F5-4A1B-A7ED-CA66AEB6E26B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{AB7967E9-BB12-4822-9063-5C7BCA796C22}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{E3F85092-D875-4403-A371-61A5996667A5}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{7CB7781B-F3D5-48ED-B68A-435968844846}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{5922DAC3-55BA-4799-9D67-B82465187876}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{10543E1C-2AAB-41EF-9444-6826F310351A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{BF7ACBF5-25C9-4562-828E-2FA576B5F02C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{46E0CBD9-C4CB-4AFE-95BA-26DDB4B4B167}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{72EC2928-AC60-4754-8298-66C54A14C006}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{19B452F4-86ED-4602-9D4C-42C577B455B3}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{E271FE5C-0878-4247-B3BC-D78B25A12DAA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{06161BD7-7A51-44AD-B98E-977D6238C9BE}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{09C0B90D-0B42-4F89-BBC3-63BA27CBCC88}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{3CD4F7BA-2F55-4053-BB93-4E12B126B05F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{DC2CDB42-EE51-401F-899F-0583DB524BBA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{AE58AB13-944D-412A-9566-9A8FAE7285F1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{EE6E91AB-C80B-4A38-BB8B-56018CAD3642}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
EmptyTemp:
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3992E701-46A6-402D-8130-DB9FF4050A42}" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3992E701-46A6-402D-8130-DB9FF4050A42}" => pomyślnie usunięto
C:\WINDOWS\System32\Tasks\{884B191B-9274-E0A0-3871-AD485E14B644} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{884B191B-9274-E0A0-3871-AD485E14B644}" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7BF78027-961D-41B3-B112-7E18D4C1F8A6}" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BF78027-961D-41B3-B112-7E18D4C1F8A6}" => pomyślnie usunięto
C:\WINDOWS\System32\Tasks\{52080048-884A-6E23-A9A3-1DD1C0CA9A6A} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{52080048-884A-6E23-A9A3-1DD1C0CA9A6A}" => pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\mracsvc => pomyślnie usunięto
mracsvc => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\mracdrv => pomyślnie usunięto
mracdrv => serwis pomyślnie usunięto
C:\WINDOWS\System32\drivers\mracdrv.sys => pomyślnie przeniesiono
C:\Windows\System32\mracsvc.exe => pomyślnie przeniesiono
C:\Users\Mateusz\AppData\Local\CyBPc.exe => pomyślnie przeniesiono
"C:\Program Files (x86)\Common Files\o﻿MEEyIhiYGMHv.exe" => nie znaleziono
C:\Users\Mateusz\AppData\Local\imw.ini => pomyślnie przeniesiono
C:\Users\Mateusz\AppData\Roaming\iSyuaFi.exe => pomyślnie przeniesiono
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3C55A98C-C38E-4482-A1A4-DEC027235489}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A9631ADB-6B41-4B46-83A9-5D6FF7791318}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7E051087-4FBA-4BB8-B152-EE29471EF55A}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EAC3A1F1-82DD-49EA-B8F7-9D66539226E5}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E661A12E-FA7F-4C03-A800-CBE6E9CC406F}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A1539356-A8DA-4400-AFF5-D1D8DE244B69}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E85D05CC-A84C-4C7E-AFBF-398966ED1CBC}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E1D45733-2909-4B5D-8AAD-A9FABF9C3E6C}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DAFCB39F-30FD-4895-A46F-9C2E4CC1EA81}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BC44CFED-7D43-472D-A5BF-D0B0FF5240BC}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AF294C66-56C2-4614-B378-2D0684DF75EC}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2C9DBA85-14D6-4468-8D7C-EF38E8FF141F}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9A504F18-DBCD-41D5-8BFB-39CCE6B8A1C1}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6ECC61E4-0498-4CCE-9DCD-F598A3DBE78D}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4E82C839-10DB-4D06-B2B6-494B89DC878C}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{255926EE-BD54-46DB-AACF-6251A7E87896}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E27A0108-5C7E-45C6-A090-FFFBBAC5DBA3}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D431390-8D2A-40E3-97BB-0E899C81E8F7}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B929EED5-A07E-4412-95BD-8C394BC4C09B}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5641C0D3-92F5-4A1B-A7ED-CA66AEB6E26B}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB7967E9-BB12-4822-9063-5C7BCA796C22}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E3F85092-D875-4403-A371-61A5996667A5}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7CB7781B-F3D5-48ED-B68A-435968844846}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5922DAC3-55BA-4799-9D67-B82465187876}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{10543E1C-2AAB-41EF-9444-6826F310351A}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BF7ACBF5-25C9-4562-828E-2FA576B5F02C}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{46E0CBD9-C4CB-4AFE-95BA-26DDB4B4B167}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{72EC2928-AC60-4754-8298-66C54A14C006}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{19B452F4-86ED-4602-9D4C-42C577B455B3}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E271FE5C-0878-4247-B3BC-D78B25A12DAA}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{06161BD7-7A51-44AD-B98E-977D6238C9BE}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{09C0B90D-0B42-4F89-BBC3-63BA27CBCC88}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3CD4F7BA-2F55-4053-BB93-4E12B126B05F}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DC2CDB42-EE51-401F-899F-0583DB524BBA}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AE58AB13-944D-412A-9566-9A8FAE7285F1}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EE6E91AB-C80B-4A38-BB8B-56018CAD3642}" => pomyślnie usunięto

=========== EmptyTemp: ==========

BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 81258094 B
Java, Flash, Steam htmlcache => 303565270 B
Windows/system/drivers => 1173089 B
Edge => 1580043 B
Chrome => 760820357 B
Firefox => 0 B
Opera => 115927366 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 10172 B
NetworkService => 0 B
Mateusz => 2676160534 B

RecycleBin => 50114115 B
EmptyTemp: => 3.7 GB danych tymczasowych Usunięto.

================================


System wymagał restartu.

==== Koniec  Fixlog 22:40:26 ====